<a href='https://github.com/angular/angular.js/edit/v1.3.x/src/ng/directive/ngBind.js?message=docs(ngBindHtml)%3A%20describe%20your%20change...#L139' class='improve-docs btn btn-primary'><i class="glyphicon glyphicon-edit">&nbsp;</i>Improve this Doc</a>



<a href='https://github.com/angular/angular.js/tree/v1.3.13/src/ng/directive/ngBind.js#L139' class='view-source pull-right btn btn-primary'>
  <i class="glyphicon glyphicon-zoom-in">&nbsp;</i>View Source
</a>


<header class="api-profile-header">
  <h1 class="api-profile-header-heading">ngBindHtml</h1>
  <ol class="api-profile-header-structure naked-list step-list">
    
    <li>
      - directive in module <a href="api/ng">ng</a>
    </li>
  </ol>
</header>



<div class="api-profile-description">
  <p>Evaluates the expression and inserts the resulting HTML into the element in a secure way. By default,
the resulting HTML content will be sanitized using the <a href="api/ngSanitize/service/$sanitize">$sanitize</a> service.
To utilize this functionality, ensure that <code>$sanitize</code> is available, for example, by including <a href="api/ngSanitize"><code>ngSanitize</code></a> in your module&#39;s dependencies (not in core Angular). In order to use <a href="api/ngSanitize"><code>ngSanitize</code></a>
in your module&#39;s dependencies, you need to include &quot;angular-sanitize.js&quot; in your application.</p>
<p>You may also bypass sanitization for values you know are safe. To do so, bind to
an explicitly trusted value via <a href="api/ng/service/$sce#trustAsHtml">$sce.trustAsHtml</a>.  See the example
under <a href="api/ng/service/$sce#show-me-an-example-using-sce-">Strict Contextual Escaping (SCE)</a>.</p>
<p>Note: If a <code>$sanitize</code> service is unavailable and the bound value isn&#39;t explicitly trusted, you
will have an exception (instead of an exploit.)</p>

</div>




<div>
  

  
  <h2>Directive Info</h2>
  <ul>
    
    <li>This directive executes at priority level 0.</li>
  </ul>

  
  <h2 id="usage">Usage</h2>
  <div class="usage">
  
    <ul>
    <li>as attribute:
        <pre><code>&lt;ANY&#10;  ng-bind-html=&quot;&quot;&gt;&#10;...&#10;&lt;/ANY&gt;</code></pre>
      </li>
    
  </div>
  
<section class="api-section">
  <h3>Arguments</h3>

<table class="variables-matrix input-arguments">
  <thead>
    <tr>
      <th>Param</th>
      <th>Type</th>
      <th>Details</th>
    </tr>
  </thead>
  <tbody>
    
    <tr>
      <td>
        ngBindHtml
        
        
      </td>
      <td>
        <a href="" class="label type-hint type-hint-expression">expression</a>
      </td>
      <td>
        <p><a href="guide/expression">Expression</a> to evaluate.</p>

        
      </td>
    </tr>
    
  </tbody>
</table>

</section>
  


  
  <h2 id="example">Example</h2><p>

<div>
  <a ng-click="openPlunkr('examples/example-example61', $event)" class="btn pull-right">
    <i class="glyphicon glyphicon-edit">&nbsp;</i>
    Edit in Plunker</a>

  <div class="runnable-example"
      path="examples/example-example61"
      module="bindHtmlExample"
      deps="angular-sanitize.js">

  
    <div class="runnable-example-file" 
      name="index.html"
      language="html"
      type="html">
      <pre><code>&lt;div ng-controller=&quot;ExampleController&quot;&gt;&#10; &lt;p ng-bind-html=&quot;myHTML&quot;&gt;&lt;/p&gt;&#10;&lt;/div&gt;</code></pre>
    </div>
  
    <div class="runnable-example-file" 
      name="script.js"
      language="js"
      type="js">
      <pre><code>angular.module(&#39;bindHtmlExample&#39;, [&#39;ngSanitize&#39;])&#10;.controller(&#39;ExampleController&#39;, [&#39;$scope&#39;, function($scope) {&#10;  $scope.myHTML =&#10;     &#39;I am an &lt;code&gt;HTML&lt;/code&gt;string with &#39; +&#10;     &#39;&lt;a href=&quot;#&quot;&gt;links!&lt;/a&gt; and other &lt;em&gt;stuff&lt;/em&gt;&#39;;&#10;}]);</code></pre>
    </div>
  
    <div class="runnable-example-file" 
      name="protractor.js"
      type="protractor"
      language="js">
      <pre><code>it(&#39;should check ng-bind-html&#39;, function() {&#10;  expect(element(by.binding(&#39;myHTML&#39;)).getText()).toBe(&#10;      &#39;I am an HTMLstring with links! and other stuff&#39;);&#10;});</code></pre>
    </div>
  

    <iframe class="runnable-example-frame" src="examples/example-example61/index.html" name="example-example61"></iframe>
  </div>
</div>


</p>

</div>


